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DETAILED ACTION 

1. Claims 1-88 are pending in this application. 

2. The Information Disclosure Statements filed on 1/16/2007 and 4/17/2007 have 
been considered by the examiner. 

Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1-3, 6, 10-12, 15, 21-23, 26, 30-32, 35, 41-43, 46, 50-52, 55, 
61-63, 66, 78-80, and 83 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Murphy (US 6,226,744), hereafter "Murphy." 



3. 



Murphy is cited by the applicant in an IDS paper filed on 1/2/2004. 
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4. Considering Claims 1, 21, 41, and 61, Murphy discloses a method for digital 
content access control (abstract- lines 1-5), comprising: determining, on a user 
device, digital content to be made accessible via a rights locker (column 3- lines 
35-36); determining, on said user device, enrollment authentication data (column 
4- lines 1-7); sending, from said user device, a rights locker enrollment request 
to a rights locker provider (column 3- lines 35-36), said rights locker enrollment 
request comprising a digital content request and said enrollment authentication 
data (column 3- lines 35-36, column 4- lines 1-7); receiving, on said user device, 
one or more authenticated rights locker access requests in response to said 
sending (column 5- lines 55-60), said one or more authenticated rights locker 
access requests for subsequent use in accessing digital content associated with 
said rights locker (column 7- lines 26-28, column 6- lines 56-61); receiving, on 
said user device, an indication of a selection of one of said one or more 
authenticated rights locker access requests (column 3- lines 35-36, column 6- 
lines 50-54, requesting a PIN from the user establishes that the user is selecting 
to retrieve the information requested from the server); sending, from said user 
device, said authenticated rights locker access request to a rights locker provider 
(column 3- lines 35-36); and receiving, on said user device, a result in response 
to said sending said authenticated rights locker access request (column 6- lines 
46-47, the result is that the user is granted access to the restricted information). 
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5. Considering Claims 10, 30, 50, and 78, Murphy discloses a method for digital 
content access control (abstract- lines 1-5), comprising: receiving, by a rights 
locker provider, a rights locker enrollment request from a user device associated 
with a user (column 3- lines 35-36), said rights locker enrollment request 
comprising a digital content request and enrollment authentication data (column 
3- lines 35-36, column 4- lines 1-5); determining, by said rights locker provider, 
whether said user is authorized (column 6- lines 8-11 and 43-49), said 
determining comprising determining the rights of said user to access said rights 
locker and the rights of said user to digital content specified by said digital 
content request (column 6- lines 1-7); if said user is authorized, initializing, by 
said rights locker provider, said rights locker with rights to said digital content 
(column 6- lines 43-47); obtaining, by said rights locker provider, one or more 
tokens that authenticate future access to a rights locker corresponding to said 
digital content (column 5- lines 55-60, column 6- lines 56-61); creating, by said 
rights locker provider, one or more authenticated rights locker access requests 
based at least in part on said one or more tokens (column 5- lines 55-60); 
sending, by said rights locker provider, said one or more authenticated rights 
locker access requests (column 3- lines 35-36); receiving, by said rights locker 
provider, an indication of a user selection of one of said one or more 
authenticated rights locker access requests (column 3- lines 35-36, column 6- 
lines 50-54, requesting a PIN from the user establishes that the user is electing 
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to retrieve the information requested from the server); and accessing the 
contents of said rights locker according to a type of said rights token (column 7- 
lines 22-28, accessing, by said rights locker provider, content based on the SSN 
is shown, it is also shown that this could be done using tickets, certificates, or 
keys which can be read as tokens). 

6. Considering Claims 2, 11, 22, 31, 42, SI, 62, and 79, Murphy discloses 
digital content request comprises a request for initializing said rights locker with 
rights to specified digital content (column 3, lines 35-36). 

7. Considering Claims 3, 12, 23, 32, 43, 52, 63, and 80, Murphy discloses 
enrollment authentication data comprises: rights locker access authentication 
data for determining what rights, if any, a user of said user device has to access 
said rights locker (column 6, lines 43-47); and rights content access 
authentication data for determining what rights, if any, said user has to digital 
content associated with said rights locker (column 6, lines 43-47). 

8. Considering Claims 6, IS, 26, 35, 46, 55, 66, and 83, Murphy discloses 
enrollment authentication data comprises a reenrollment key determined in a 
previous enrollment request for said rights locker (column 7, lines 22-28), said 
reenrollment key for supplementing or replacing enrollment authentication data 
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of said previous enrollment request (column 6, lines 56-61, column 7, lines 22- 
28). 

9. Considering Claim 67, Murphy discloses apparatus comprises a smart card 
(abstract, lines 1-5). 



Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented 
and the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 4, 5, 13, 14, 16, 24, 25, 33, 34, 36, 44, 45, 53, 54, 56, 64, 65, 81, 

82, and 84 are rejected under 35 U.S.C. 103(a) as being unpatentable over Murphy 
in view of Hendrick (US 7,083,095), hereafter "Hendrick." 

3. Considering Claims 4, 13, 24, 33, 44, 53, 64, and 81, Murphy does not 
disclose rights locker access authentication data comprises payment for use of a 
rights locker service. 
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Hendrick does disclose rights locker access authentication data comprises 
payment for use of a rights locker service (column 11, lines 44-62). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with the 
payment method taught by Hendrick in order to protect the rights of creators 
and publishers along with their content, collect their payments, and maintain 
their profits while providing consumers with easier access to content and lower 
prices (Hendrick- column 13, lines 7-10). 



4. Considering Claims 5, 14, 25, 34, 45, 54, 65, and 82, Murphy does not 
disclose rights content access authentication data comprises payment for rights 
deposited in said rights locker. 



Hendrick discloses rights content access authentication data comprises payment 
for rights deposited in said rights locker (column 13, lines 7-10). 



Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with the 
payment method taught by Hendrick in order to protect the rights of creators 
and publishers along with their content, collect their payments, and maintain 
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their profits while providing consumers with easier access to content and lower 
prices (Hendrick- column 13, lines 7-10). 

5. Considering Claims 16, 36, 56, and 84, Murphy does not disclose determining 
comprises determining whether said user is entitled to become an enrolled user 
based at least in part on whether payment for use of the rights locker service 
succeeds. 



Hendrick discloses determining comprises determining whether said user is 
entitled to become an enrolled user based at least in part on whether payment 
for use of the rights locker service succeeds (column 13, lines 11-14). 



Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with the 
payment method taught by Hendrick in order to protect the rights of creators 
and publishers along with their content, collect their payments, and maintain 
their profits while providing consumers with easier access to content and lower 
prices (Hendrick- column 13, lines 7-10). 

6. Considering Claims 17, 37, 57, and 85, Murphy does not disclose determining 
whether an enrolled user is entitled to populate said rights locker with rights to 
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said digital content based at least in part on whether payment for said rights 
succeeds. 

Hendrick discloses determining whether an enrolled user is entitled to populate 
said rights locker with rights to said digital content based at least in part on 
whether payment for said rights succeeds (column 13, lines 11-14). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with the 
payment method taught by Hendrick in order to protect the rights of creators 
and publishers along with their content, collect their payments, and maintain 
their profits while providing consumers with easier access to content and lower 
prices (Hendrick- column 13, lines 7-10). 

7. Claims 7, 18, 27, 38, 47, 58, 75, and 86 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Murphy in view of Mohler (US 6,601,173). 

8. Considering Claims 7, 18, 27, 38, 47, 58, 75, and 86, Murphy does not 
disclose storing at least part of said one or more authenticated rights locker 
access requests in a bookmark on said user device. 
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Mohler discloses storing at least part of said one or more authenticated rights 
locker access requests in a bookmark on said user device (abstract, lines 19-30). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with a 
bookmark to store user authentication information as taught by Mohler for the 
benefit of automating the user's access to a particular website. The user, 
already having been password admitted, simplyclicks on the desired bookmark 
and the computer system automatically access the identified Internet website 
without further input from the user (Mohler- abstract, lines 26-30). 

9. Claims 8, 19, 28, 39, 48, 59, 76, and 87 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Murphy in view of Steven W. Disbrow. Use 
cookies to maintain state in Web applications. Active Server 
Developer's Journal. Louisville: Sep 2000. Vol. 4. Iss. 9; pg. 7, 3 pgs. 

Hereafter "Disbrow." 

10. Considering Claims 8, 19, 28, 39, 48, 59, 76, and 87, Murphy does not 
disclose one or more authenticated rights locker access requests are embedded 
in a Web cookie. 
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Disbrow discloses one or more authenticated rights locker access requests are 
embedded in a Web cookie (Full Text, H 3, lines 2-4). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with using 
cookies to imbed personal information as taught by Disbrow for the benefit of 
remembering a particular visitor so that forms he filled out, selections and 
preferences he made, and other personalized information wouldn't have to be re- 
entered each time he visited the site (Disbrow- Full Text, H 3, lines 2-4) 

11. Claims 9, 20, 29, 40, 49, 60, 77, and 88 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Murphy in view of Weissman (US 
2002/0156905), hereafter "Weissman." 

12. Considering Claims 9, 20, 29, 40, 49, 60, 77, and 88, Murphy does not 
disclose one or more authenticated rights locker access requests are 
encapsulated in an HTTP Response message. 

Weissman discloses one or more authenticated rights locker access 

requests are encapsulated in an HTTP Response message ([0035] lines 10-22, 

[0036]). 
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Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Murphy with 
encapsulating user authentication information in a http response message as 
taught by Weissman for the benefit of appending authentication credentials 
stored in the logon database and other information extracted from the previously 
received HTTP responses. 

13. Claims 68-74 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Murphy. 

14. Considering Claims 68-74, Murphy does not explicitly disclose a wide range of 
different types of smart cards. 

Murphy does suggest a smart card is a device that is typically the size of a credit 
card, having a microprocessor and limited storage memory (column 2, lines 46- 
48). 

Therefore, it would have been obvious at the time of the invention to use 
Murphy with the wide range of different types of smart cards for the benefit of 
having a system that is usable on a wide variety of designs and platforms. 
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Response to Arguments 

1 . Applicant's arguments filed 5/1/2007 have been fully considered but they are not 
persuasive. 

2. Regarding Claims 1, 21, 41, and 61, applicants arguments have been fully 
considered but they are not persuasive. With respect to applicants argument that 
Murphy fails to teach the operations occur on a single device and not multiple devices. 
Examiner disagrees and directs the applicant to Murphy- column 3- lines 35-36, column 
4- lines 1-7, column 5- lines 42-46 and 55-60, column 6- lines 43-47 and 56-61, column 
7- lines 5-7 and 25-28, Fig. 3. Furthermore, the operations recited in the claims portray 
a communication between a user device and a rights locker provider that is modeled by 
the communication between the server and PC with corresponding smart card interface 
described by Murphy. Murphy also suggests that although specific functions were 
enumerated for the authentication module and smart card interface module, it can be 
appreciated that the functions for each separate module could be combined into a 
single module and still fall within the scope of the invention (Murphy- column 15- lines 1- 
5). 
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Murphy discloses the client sends a request to the server to access restricted 
information stored by the server, which indicates that the requested data is determined 
on the user device. 

Murphy further discloses that the enrollment authentication data is stored on the smart 
card and sent to the server (i.e. sending, from a user device, a rights locker enrollment 
request). 

Murphy goes on to disclose receiving tokens from a certificate authority (i.e. receiving, 
on said user device, one or more authenticated rights locker access requests). 

An indication of a selection of one of said one or more authentication rights locker 
access requests is suggested in the original request and the granting of said initial 
request. Murphy discloses the user requests access to specific information in the 
restricted server. The server requests a PIN from the user, which establishes that the 
user is selecting to retrieve the information originally requested. That the server 
responds by granting access to that information indicates that the server has indicated 
the selection of the specific request initiated by the user. 

Finally. Murphy discloses that once the user has been authenticated, the authentication 
module grants the user access to the restricted information (i.e. a result). 



Application/Control Number: 10/687,488 Page 15 

Art Unit: 2135 

3. Regarding Claims 10, 30, 50, and 78, applicants arguments have been fully 
considered but they are not persuasive for the same reasons as stated above. 

Conclusion 

1 . THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

2. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Randal D. Moran whose telephone number is 571-270- 
1255. The examiner can normally be reached on M-F: 7:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Randal D. Moran 




7/19/2007 
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